On April 20, 2022, Atlassian officially issued a security advisory for Jira and Jira Service Management. The vulnerability is tracked as CVE-2022-0540 and is rated high severity.
JIRA is a project and issue tracking tool produced by Atlassian, widely used for defect tracking, customer service, requirements collection, process approval, task tracking, project tracking, and agile management. Jira is used for issue tracking and project management by over 180,000 customers in 190 countries.
Vulnerability Detail
Jira and Jira Service Management are vulnerable to an authentication bypass in their web authentication framework, Jira Seraph. An unauthenticated remote attacker could exploit CVE-2022-0540 by sending a specially crafted HTTP request to bypass the authentication and authorization requirements of WebWork actions that use the affected configuration.
“Although the vulnerability is in the core of Jira, it affects first and third party apps that specify roles-required at the webwork1 action namespace level and do not specify it at an action level. For a specific action to be affected, the action will also need to not perform any other authentication or authorization checks.”
Affected versions
Jira
- All Jira versions before 8.13.18
- Jira 8.14.x, 8.15.x, 8.16.x, 8.17.x, 8.18.x, 8.19.x
- Jira 8.20.x < 8.20.6
- Jira 8.21.x
Jira Service Management
- All Jira Service Management versions before 4.13.18
- Jira Service Management 4.14.x, 4.15.x, 4.16.x, 4.17.x, 4.18.x, 4.19.x
- Jira Service Management 4.20.x < 4.20.6
- Jira Service Management 4.21.x
Unaffected versions
Jira
- 8.13.x >= 8.13.18
- 8.20.x >= 8.20.6
- All versions >= 8.22.0
Jira Service Management
- 4.13.x >= 4.13.18
- 4.20.x >= 4.20.6
- All versions >= 4.22.0
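The affected and unaffected lists above can be turned into a simple inventory check. The following is an added example, not Atlassian's own tooling: it encodes the version ranges exactly as stated on this page (first fixed patch release on the 8.13.x/8.20.x and 4.13.x/4.20.x lines, everything from 8.22.0/4.22.0 onward fixed, all other lines below that threshold affected) and reports, for a constructed list of installations, which ones still need an upgrade and the minimum fixed release on their line. The hostnames and versions in the inventory are constructed sample data.

```python
"""Check installed Jira / Jira Service Management versions against the
CVE-2022-0540 affected ranges. Added example; ranges transcribed from the
advisory text on this page, inventory data below is constructed."""

from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]


def parse_version(s: str) -> Version:
    """Turn "8.20.6" into (8, 20, 6); a two-part string such as "8.20" is
    treated as 8.20.0."""
    parts = [int(p) for p in s.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return (parts[0], parts[1], parts[2])


# Per product: the minor lines that received a backported fix (first fixed
# patch number) and the release from which every later version is fixed.
FIX_RULES = {
    "jira": {"minor_fixes": {(8, 13): 18, (8, 20): 6}, "all_fixed_from": (8, 22, 0)},
    "jsm": {"minor_fixes": {(4, 13): 18, (4, 20): 6}, "all_fixed_from": (4, 22, 0)},
}


def is_affected(product: str, version: str) -> bool:
    """True if the version falls inside the advisory's affected ranges."""
    v = parse_version(version)
    rules = FIX_RULES[product]
    if v >= rules["all_fixed_from"]:
        return False                      # e.g. 8.22.0 and later
    fix_patch = rules["minor_fixes"].get((v[0], v[1]))
    if fix_patch is not None:
        return v[2] < fix_patch           # e.g. 8.13.17 affected, 8.13.18 not
    # Every other line below the threshold (anything before 8.13, 8.14-8.19,
    # 8.21, and the JSM equivalents) has no fixed release at all.
    return True


def recommended_upgrade(product: str, version: str) -> Optional[str]:
    """Minimum fixed release for an affected version, None if already fixed.
    Prefers the backported fix on the same minor line where one exists."""
    if not is_affected(product, version):
        return None
    v = parse_version(version)
    rules = FIX_RULES[product]
    fix_patch = rules["minor_fixes"].get((v[0], v[1]))
    if fix_patch is not None:
        return f"{v[0]}.{v[1]}.{fix_patch}"
    return ".".join(str(n) for n in rules["all_fixed_from"])


def audit(inventory: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Return one finding per affected installation in the inventory."""
    findings = []
    for host in inventory:
        target = recommended_upgrade(host["product"], host["version"])
        if target is not None:
            findings.append({"host": host["host"], "version": host["version"],
                             "upgrade_to": target})
    return findings


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    {"host": "jira-prod-01", "product": "jira", "version": "8.13.17"},
    {"host": "jira-prod-02", "product": "jira", "version": "8.20.6"},
    {"host": "jira-dev-01", "product": "jira", "version": "8.21.1"},
    {"host": "jsm-prod-01", "product": "jsm", "version": "4.19.0"},
    {"host": "jsm-prod-02", "product": "jsm", "version": "4.22.1"},
]

if __name__ == "__main__":
    for f in audit(SAMPLE_INVENTORY):
        print(f"{f['host']}: {f['version']} is affected, upgrade to {f['upgrade_to']} or later")
```

The check treats a two-part version such as "8.20" as 8.20.0, so an incompletely recorded inventory entry errs on the side of being reported. The recommended target is the lowest fixed release on the installation's line; upgrading to the current release, as the advisory recommends, satisfies the same check.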
Solution
We recommend that users upgrade Jira and Jira Service Management to the latest version as soon as possible.